Skip to content

Commit e0f71f5

Browse files
committed
experimental repro for #147
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
1 parent 0196885 commit e0f71f5

1 file changed

Lines changed: 78 additions & 2 deletions

File tree

middleware/route_authenticator_test.go

Lines changed: 78 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,10 @@ import (
1414
"github.com/go-openapi/runtime"
1515
)
1616

17+
type principalType struct {
18+
Name string
19+
}
20+
1721
type countAuthenticator struct {
1822
count int
1923
applies bool
@@ -40,18 +44,28 @@ var (
4044
noApplyAuth = runtime.AuthenticatorFunc(func(_ any) (bool, any, error) {
4145
return false, nil, nil
4246
})
47+
successAuthWithPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
48+
return true, &principalType{Name: "the user"}, nil
49+
})
50+
failAuthWithPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
51+
var typedPrincipal *principalType
52+
return true, typedPrincipal, errors.New("unauthenticated")
53+
})
54+
failAuthWithNilPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
55+
var typedPrincipal *principalType
56+
return true, typedPrincipal, nil
57+
})
4358
)
4459

4560
func TestAuthenticateSingle(t *testing.T) {
4661
ra := RouteAuthenticator{
4762
Authenticator: map[string]runtime.Authenticator{
48-
"auth1": successAuth,
63+
"auth1": successAuthWithPointer,
4964
},
5065
Schemes: []string{"auth1"},
5166
Scopes: map[string][]string{"auth1": nil},
5267
}
5368
ras := RouteAuthenticators([]RouteAuthenticator{ra})
54-
5569
require.FalseT(t, ras.AllowsAnonymous())
5670

5771
req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
@@ -64,6 +78,68 @@ func TestAuthenticateSingle(t *testing.T) {
6478
require.Equal(t, ra, *route.Authenticator)
6579
}
6680

81+
func TestAuthenticateWrong(t *testing.T) {
82+
t.Run("with principal as a pointer to a concrete type", func(t *testing.T) {
83+
t.Run("should authenticate", func(t *testing.T) {
84+
ra := RouteAuthenticator{
85+
Authenticator: map[string]runtime.Authenticator{
86+
"auth1": successAuthWithPointer,
87+
},
88+
Schemes: []string{"auth1"},
89+
Scopes: map[string][]string{"auth1": nil},
90+
}
91+
ras := RouteAuthenticators([]RouteAuthenticator{ra})
92+
93+
require.False(t, ras.AllowsAnonymous())
94+
95+
req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
96+
route := &MatchedRoute{}
97+
ok, prin, err := ras.Authenticate(req, route)
98+
require.NoError(t, err)
99+
require.True(t, ok)
100+
require.EqualValues(t, &principalType{Name: "the user"}, prin)
101+
})
102+
t.Run("should not authenticate", func(t *testing.T) {
103+
ra := RouteAuthenticator{
104+
Authenticator: map[string]runtime.Authenticator{
105+
"auth1": failAuthWithPointer,
106+
},
107+
Schemes: []string{"auth1"},
108+
Scopes: map[string][]string{"auth1": nil},
109+
}
110+
ras := RouteAuthenticators([]RouteAuthenticator{ra})
111+
112+
require.False(t, ras.AllowsAnonymous())
113+
114+
req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
115+
route := &MatchedRoute{}
116+
ok, prin, err := ras.Authenticate(req, route)
117+
require.Error(t, err)
118+
require.True(t, ok)
119+
require.Nil(t, prin)
120+
})
121+
t.Run("should yield nil principal", func(t *testing.T) {
122+
ra := RouteAuthenticator{
123+
Authenticator: map[string]runtime.Authenticator{
124+
"auth1": failAuthWithNilPointer,
125+
},
126+
Schemes: []string{"auth1"},
127+
Scopes: map[string][]string{"auth1": nil},
128+
}
129+
ras := RouteAuthenticators([]RouteAuthenticator{ra})
130+
131+
require.False(t, ras.AllowsAnonymous())
132+
133+
req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
134+
route := &MatchedRoute{}
135+
ok, prin, err := ras.Authenticate(req, route)
136+
require.NoError(t, err)
137+
require.True(t, ok)
138+
require.Nil(t, prin)
139+
})
140+
})
141+
}
142+
67143
func TestAuthenticateLogicalOr(t *testing.T) {
68144
ra1 := RouteAuthenticator{
69145
Authenticator: map[string]runtime.Authenticator{

0 commit comments

Comments
 (0)